Users of WhatsApp — particularly those on Android — might have a major security flaw that could threaten user privacy if left unchecked.
As reported on Hacker News (via), this security flaw could make it possible for third parties to gain access to your private WhatsApp messages via downloaded Android applications without your permission.
The culprit? The app’s built-in ability to back up your messages for when you transfer to a new device or restoring from a device reset.
“[uploading and reading WhatsApp messages from another Android app] is not much of a problem.”
“The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card,” security consultant Bas Bosschert posted on his website. “And since majority of the people allows everything on their Android device, [uploading and reading WhatsApp messages from another Android app] is not much of a problem.”
This is certainly not the first time this year that a security flaw has been found. Popular messaging and sharing app Snapchat was also the victim of a security flaw earlier this year, a flaw that it attempted to fix but to little avail.
WhatsApp was recently acquired by Facebook. While Facebook continues to insist the app will remain independent from the social network’s other offerings, not everyone agrees this will be the case. This acquisition has placed a number of privacy concerns directly in the spotlight.
WhatsApp has not yet commented on this security flaw.